[solved] Zone not picked up by firewalld

Under YaST - Firewall, my enp2s0 device was not showing up as an interface. NetworkManager was reporting that it used that interface to connect to the network. I have added the interface by executing:

sudo firewall-cmd --add-interface=enp2s0 --zone=home --permanent
sudo systemctl restart firewalld.service

This let the interface now show in the firewall GUI under YaST. However, the zone is not picked up by the firewall:

sudo firewall-cmd --get-active-zones
docker
  interfaces: docker0
public (default)
  interfaces: enp2s0

To my understanding, this should be showing that home is set active for enp2s0 (I compared that with another TW install); however, no matter what I try, that is not reflected here. When I make changes to the public profile, that change is reflected.

  1. Why did the interface not show up and I manually had to add that?
  2. Why are the changes made to the interface not shown after restarting the firewall daemon?

UPDATE: I solved it. Under NetworkManager no zone was selected, and setting that in NetworkManager is instantly reflected in firewall-cmd.

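As an added example (not part of the original post): a small check that parses `firewall-cmd --get-active-zones` output and flags an interface whose active zone differs from the intended one, which is the situation described above when the NetworkManager connection has no zone set. The function names are hypothetical, `<connection-name>` is a placeholder for the NetworkManager profile name, and the sample input is the output quoted in the post.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Sample input: the --get-active-zones output quoted in the post.
SAMPLE_ACTIVE_ZONES='docker
  interfaces: docker0
public (default)
  interfaces: enp2s0'

# zone_of_iface IFACE
# Reads `firewall-cmd --get-active-zones` output on stdin and prints the
# zone that IFACE is bound to (prints nothing if it is in no active zone).
zone_of_iface() {
    awk -v ifc="$1" '
        $1 == "interfaces:" {
            for (i = 2; i <= NF; i++) if ($i == ifc) { print zone; exit }
            next
        }
        # Unindented, non-empty line = zone header such as "public (default)"
        NF && $0 !~ /^[ \t]/ { zone = $1 }
    '
}

# check_zone IFACE WANTED_ZONE
# Returns 0 if IFACE is active in WANTED_ZONE, 1 on mismatch, 2 if unbound.
check_zone() {
    actual=$(zone_of_iface "$1")
    if [ -z "$actual" ]; then
        echo "$1: not bound to any active zone"
        return 2
    fi
    if [ "$actual" != "$2" ]; then
        echo "$1: active zone is '$actual', expected '$2'"
        # With NetworkManager the zone comes from the connection profile;
        # <connection-name> is a placeholder for that profile name.
        echo "fix: nmcli connection modify <connection-name> connection.zone $2"
        return 1
    fi
    echo "$1: zone '$2' is active"
}

# Demo on the sample above; on a live system use instead:
#   firewall-cmd --get-active-zones | check_zone enp2s0 home
printf '%s\n' "$SAMPLE_ACTIVE_ZONES" | check_zone enp2s0 home || true
```
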

Yeah, unfortunately, it seems that NetworkManager is not picking up the changes made.
It should!! I’ll take a guess that if Wicked is used, it would pick it up (why I prefer it).

Thanks for the post!